For any given data collector device such as the AMD, you can set a variety of options such as time thresholds. The general settings affect monitoring of default and user-defined software
services. Some of them can then be overridden by settings for a particular analyzer, software service, or URL.
To define general settings for an AMD:
1. Start and log in to RUM Console.
2. To display the current device list, select Devices and Connections ➤ Manage Devices from the top menu.
3. Select Open Configuration from the context menu for an AMD. The AMD Configuration window appears.
4. Navigate to Configuration ➤ Global ➤ General to access the list of general configuration settings.
While some of the options control only general AMD behavior, some options in the Advanced group affect more specific configurations in application monitoring. For example, if Inherit from global settings is selected in your other configurations while configuring user-defined software services, the global setting takes precedence over the specific monitoring configuration.
Configuration options include: Monitoring interval
The monitoring interval in minutes. Increasing this value reduces the number of chunks of data that need to be transferred and processed.
Default: 5 minutes.
Make sure that the monitoring interval is synchronized between the data collectors. Operation time threshold
The number of seconds after which an operation is considered to be “slow”. The global threshold value depends on the analyzer.
This threshold is used by the following analyzers:
Cerner
Cerner over MQ Epic
Generic with transactions HTTP
MS Exchange over HTTP MS Exchange over HTTPS Oracle Applications over HTTP Oracle Applications over HTTPS SAP GUI
SAP GUI over HTTP SAP GUI over HTTPS SMTP
SSL
SSL Decrypted Siebel over HTTP Siebel over HTTPS Chapter 5 ∙ Basic Monitoring Configuration
Server time threshold
Server time threshold relates to the server time portion of a overall operation time. Server times above the threshold limit are considered to be slow due to poor datacenter performance.
This threshold is used by the following analyzers:
HTTP
Oracle Applications over HTTP Oracle Applications over HTTPS SAP GUI over HTTP
SAP GUI over HTTPS
IP address of the server authorized to set AMD time
The IP address of the report server that has the authority to synchronize the time with this AMD.
In an environment with a number of servers sharing the same AMD, it is good practice to use only one of these servers (a designated chosen time synchronization server) to make changes to AMD settings. Otherwise, the server used for time synchronization will change inadvertently every time you save an AMD configuration.
Default analyzer
The default setting for the TCP analyzer is Generic (with transactions). To change it, select another analyzer from the list.
Client RST packet timeout to mark session as CLOSED
If the time between the last ACK for data sent by the server and an RST packet sent by the client is greater than this value, the session is treated as closed instead of aborted.
Huge packet size
The upper size limit, in bytes, of an HTTP request to be processed successfully by the AMD.
Maximum packet size
The AMD is capable of processing packets of up to 16128 bytes, besides the Ethernet standard MTU (Maximum Transmission Unit) of 1536 bytes.
Choose one of the predefined values (2048, 4096, 8192, or 16132 bytes) to enable the AMD to process non-standard MTU packets. When you have chosen the Maximum packet size value, make sure that you also set the Huge packet size to an applicable value.
Enabling theAMD to process nonstandard MTU packets without extending RAM on the machine and leaving Packet buffer size (64-bit AMDs only) and Data memory limit unchanged can cause an excessive packet loss. To avoid this, extend RAM and configure its usage as recommended in the tables below. For more information, see Setting Packet Buffer Size in the Data Center Real User Monitoring
Agentless Monitoring Device Installation Guide and Setting Data Memory Limit in
the Data Center Real User Monitoring Agentless Monitoring Device Installation
Guide.
Table 1. Recommended RAM configuration for Maximum packet size values for 64-bit AMDs Packet buffer count Packet buffer size Data memory limit RAM size 64-bit
minimum (recommended) Maximum packet size 1,200,000 1832 MB 1024 MB 4 GB (32 GB) 1522 B 1,500,000 2289 MB 1024 MB 5 GB (32 GB) 1522 B 1,500,000 3022 MB 1024 MB 6 GB (32 GB) 2048 B 1,500,000 5951 MB 1024 MB 12 GB (32 GB) 4096 B 1,500,000 11811 MB 1024 MB 22 GB (48 GB) 8192 B 1,000,000 15687 MB 1024 MB 32 GB (64 GB) 16132 B 1,500,000 23530 MB 1024 MB 48 GB (64 GB) 16132 B Sampling enabled
Supported in 64-bit customized AMD drivers and all- native drivers. The sampling mechanism is very beneficial when heavy traffic may negatively affect AMD performance and there is a risk of losing IP session consistency. When this option is enabled, the AMD tries to analyze the greatest possible portion of traffic. It drops packets in a controlled manner that preserves complete and consistent sessions. Note that statistics for dropped packets are not shown on the report server.
If packets are dropped because of sampling, the CAS shows notification messages. For percentages between 75 and 99, you will see a warning icon; for values below 75, the report server will issue error messages.
When this option is disabled and network interface driver performance is degraded, random packets are dropped.
Default: enabled.
For more information, see Using Network Interfaces with Native Drivers in the Data
Center Real User Monitoring Agentless Monitoring Device Installation Guide and Driver, Network and Interface Configuration in the Data Center Real User Monitoring Agentless Monitoring Device Installation Guide.
Deduplication method
You can choose one of four methods for eliminating duplicate packets:
• Based on TCP checksum and IP ID – Using this method, duplicate packets are detected based on their TCP checksum and IP ID.
• Based on TCP checksum and IP ID (excluded SEQ and ACK numbers) – Using this more complex, two-stage method, duplicate packets are detected based on a modified packet KCP checksum (SEQ and ACK numbers are excluded) and IP ID. This method is useful if the AMD captures packets on various interfaces of the router, rewriting SEQ and ACK numbers.
A packet is considered a duplicate when the modified checksum, IP ID, and SEQ and ACK numbers are identical. First, a packet checksum with SEQ and ACK Chapter 5 ∙ Basic Monitoring Configuration
numbers is created and compared to the packets stored in the detection buffer. If the comparison indicates that the packet is not a duplicate, it is checked to determine whether it matches the current session. A packet matches the current session when its SEQ and ACK numbers are different from processed and cached numbers by the value defined in TCP duplicate window. If the difference exceeds the defined value, the AMD assumes the ACK and SEQ numbers were rewritten by the router and the packet is considered a duplicate.
• TCP checksum, IP ID and MAC address (excluded SEQ and ACK) Similar to TCP checksum and IP ID (excluded SEQ and ACK numbers) – Using this method, the deduplication process is similar to the one based on TCP checksum and IP ID (excluded SEQ and ACK numbers), but on top of TCP checksum and IP ID, the MAC address is also taken into account.
• TCP checksum, IP ID and MAC address – Using this method, duplicate packets are detected based on their TCP checksum, IP ID and MAC address.
TCP duplicate window
This setting is useful only if Deduplication method is set to Based on TCP checksum with excluded SEQ and ACK numbers. It is used for determining whether a packet, based on its SEQ and ACK numbers, belongs in the session. If a packet's SEQ and ACK numbers differ from the current session's SEQ and ACK numbers by a value larger than TCP duplicate window, the packet is considered a duplicate.
Default: 65536. Packet buffer size
The number of packets to keep in the buffer for use as a basis for comparison in duplicate packet detection. Newly captured packets are sequentially compared to the packets in the buffer. A newly captured non-duplicate packet (all packets in the buffer are unique) is placed on the top of the stack and the oldest is removed.
Range: 6 to 24 packets. Default: 16.
Reset duplicate detection time threshold
Time of inactivity (in seconds) after which the duplicate packets elimination mechanism is reset. If Deduplication method is set to Based on TCP checksum with excluded SEQ and ACK numbers, the Reset duplicate detection time threshold should be greater than every response generation time (server time).
5. Save or publish the configuration.
• Click Save to save your changes and continue with configuration.
• Click Save and Publish to immediately update the devices configuration.
6. Close the AMD Configuration window.